diff --git a/src/admin/sys_info.php b/src/admin/sys_info.php
index 535fb205..73233f0c 100644
--- a/src/admin/sys_info.php
+++ b/src/admin/sys_info.php
@@ -32,6 +32,7 @@ function ReWriteConfig()
             if ($row['value'] == '') $row['value'] = 0;
             fwrite($fp, "\${$row['varname']} = ".$row['value'].";\r\n");
         } else {
+            $row['value'] = stripslashes($row['value']);
             fwrite($fp, "\${$row['varname']} = '".str_replace("'", '', $row['value'])."';\r\n");
         }
     }
@@ -49,6 +50,9 @@ if ($dopost == "save") {
             continue;
         }
         $k = preg_replace("#^edit___#", "", $k);
+        
+        $v = $dsql->Esc($v);
+        $k = $dsql->Esc($k);
         $dsql->ExecuteNoneQuery("UPDATE `#@__sysconfig` SET `value`='$v' WHERE varname='$k' ");
     }
     ReWriteConfig();
diff --git a/src/system/database/dedesqli.class.php b/src/system/database/dedesqli.class.php
index 9a0c3a0d..f744e200 100755
--- a/src/system/database/dedesqli.class.php
+++ b/src/system/database/dedesqli.class.php
@@ -189,6 +189,10 @@ class DedeSqli
 
     function Esc($_str)
     {
+        global $dsqli;
+        if (!$dsqli->isInit) {
+            $this->Init($this->pconnect);
+        }
         if (version_compare(phpversion(), '4.3.0', '>=')) {
             return @mysqli_real_escape_string($this->linkID, $_str);
         } else {
diff --git a/src/system/database/dedesqlite.class.php b/src/system/database/dedesqlite.class.php
index cde6874a..f15afede 100755
--- a/src/system/database/dedesqlite.class.php
+++ b/src/system/database/dedesqlite.class.php
@@ -163,7 +163,7 @@ class DedeSqlite
 
     function Esc($_str)
     {
-        return addslashes($_str);
+        return $this->linkID->escapeString($_str);
     }
 
     //执行一个不返回结果的SQL语句，如update,delete,insert等